Scanned pages/files
Request | Server response | Status |
http://www.e-dan.pl/ | 200 OK Content-Length: 15864 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. <!-- Indonesia people --> <!-- document.write(unescape('%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%5A%65%79%6E%6E%79%6D%6F%75%5A%20%3C%2F%74%69%74%6C%65%3E%0A%3C%6C%69%6E%6B%20%72%65%6C%3D%22%53%48%4F%52%54%43%55%54%20%49%43%4F%4E%22%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%78%63%72%75%7A%7A%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%2F%66%61%76%69%63%6F%6E%2E%69%63%6F%27%22%3E%0A%3C%6D%65%74%61%20%63%6F%6E%74%65%6E%7 ...[3569 bytes skipped]... Decoded script: ...[4327 bytes skipped]... om{opacity:0;}to{opacity:10;}} </style> <div id="zone">ZeynnymouZ</div><div class="hacked">Hacked By</div><div class="depace">Borneo Security Crew</div> <p align="center"> </p> <p align="center"> </p> <p align="center"> </p> <p align="center"> </p> <br><br> <br> <iframe width="1" height="1" scrolling="no" frameborder="no" src="http://pn-jakartatimur.go.id/sh-gc/b0x-sh.mp3"></iframe><br> </style> <link href='http://fonts.googleapis.com/css?family=Sirin Stencil' rel='stylesheet' type='text/css'> <p align="center"> </p> <p align="center"> </p> <p align="center"> </p> <p align="center"> </p> <p align="center">&am ...[419 bytes skipped]... Deface/Content modification. The following signature was found: Hacked By ZeynnymouZ <title>Hacked By ZeynnymouZ </title>
<link rel="SHORTCUT ICON" href="http://xcruzz.blogspot.com/favicon.ico'"> <meta content='Hacked by ZeynnymouZ' name='description'/> <meta content='Hacked by ZeynnymouZ' name='keywords'/> <meta content='Hacked by ZeynnymouZ' name='Abstract'/> <Script Language='Javascript'> <!-- Indonesia people --> <!-- document.write(unescape('%3C%74%69 ...[15498 bytes skipped]... | ||
http://www.e-dan.pl/test404page.js | 404 Not Found Content-Length: 1070 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: e-dan.pl
Result:
GET / HTTP/1.1
Host: e-dan.pl
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: e-dan.pl
Referer: http://www.google.com/search?q=e-dan.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: e-dan.pl
Referer: http://www.google.com/search?q=e-dan.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=e-dan.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://e-dan.pl/
Result: e-dan.pl is not infected or malware details are not published yet.
Result: e-dan.pl is not infected or malware details are not published yet.